What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-16 15:00:00 | Electrum Bitcoin wallets under siege (lien direct) |
Threat actors are relentlessly phishing and attacking Electrum Bitcoin wallet users, racking up millions of dollars.
Categories:
Cybercrime
Social engineering
Tags: bitcoinbitcoinsbotnetddosElectrumexploit kitexploitsRIGRIG EKvulnerabilitieswallet
(Read more...)
|
|||
|
2019-04-15 16:14:04 | Ellen DeGeneres giveaway scam spreading on social media (lien direct) |
Scammers take aim at fans of Ellen DeGeneres with a bizarre chain of giveaways and free movie websites. Will anyone take the bait?
Categories:
Cybercrime
Social engineering
Tags: degeneresellenfacebookscamsocial media
(Read more...)
|
|||
|
2019-04-15 14:42:02 | (Déjà vu) A week in security (April 8 – 14) (lien direct) |
A roundup of news stories from April 8–4, including Baldr, medical management apps, an Android password stealer, and new sextortion scams.
Categories:
Security world
Week in security
Tags: alexaamazonBaldrchinafacebookfake newsInstagrampersonal informationsecuritysextortion scamsvpnweek
(Read more...)
|
|||
|
2019-04-12 17:40:05 | Fake Instagram assistance apps found on Google Play are stealing passwords (lien direct) |
We all want those Instagram likes and followers. But what if the app that's supposed to be assisting you is also stealing your username and password? As a matter of fact, that's exactly what we found in three fake Instagram assistance apps found on Google Play.
Categories:
Cybercrime
Mobile
Tags: android malwareFakeInstaGoogle PlayInstagramMobile
(Read more...)
|
|||
|
2019-04-11 17:03:00 | What is personal information? In legal terms, it depends (lien direct) |
What exactly is the "personal information" that companies need to legally protect? Learn which data points organizations need to secure, from Social Security numbers to olfactory, smell-based data (!), to comply with the law.
Categories:
Privacy
Security world
Tags: California Consumer Privacy Actcybersecurity lawdata breach notificationdata breach notification lawdata privacy legislationdata protection lawEuropean UniongdprGeneral Data Protection Regulationonline privacypersonal datapersonal informationpersonally identifiable informationRSA Conference
(Read more...)
|
|||
|
2019-04-10 15:00:00 | Who is managing the security of medical management apps? (lien direct) |
Because medical records are such a lucrative data set, attackers often target the healthcare industry, seeking out and eventually finding the weakest link in the supply chain. That's why it's important for stakeholders to consider the broader implications of cybersecurity weaknesses in medical management apps. But who should be held responsible?
Categories:
101
Business
Tags: Data privacyhealth appshealthcareHIPPAmedical appsmedical management appsvulnerabilities
(Read more...)
|
|||
|
2019-04-09 15:00:01 | Say hello to Baldr, a new stealer on the market (lien direct) |
Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?
Categories:
Criminals
Threat analysis
Tags: Baldrinformation stealerspywarestealerstealer functionalitythreat analysisunpacking code
(Read more...)
|
|||
|
2019-04-08 15:52:04 | (Déjà vu) A week in security (April 1 – 7) (lien direct) |
A roundup of cybersecurity news from April 1–7, including global data privacy laws, water plant cybersecurity, and the mysterious story of a 23-year-old woman's visit to the Mar-a-Lago resort in Florida.
Categories:
Malwarebytes news
Tags: bayerchinese cyberattackschinese cyberthreatscritical infrastructurefacebookmar-a-lagopasswordssocial mediaweek in security
(Read more...)
|
|||
|
2019-04-03 15:43:05 | Was this really an attempt by the Chinese? (lien direct) |
What happened at Mar-a-Lago and can we attribute this possible attempt to get close to the president of the US to China?
Categories:
Cybercrime
Malware
(Read more...)
|
|||
|
2019-04-03 15:00:00 | How gamers can protect against increasing cyberthreats (lien direct) |
We take a look at the various cyberthreats video gamers may encounter online, their real-world consequences, and what users can do to protect themselves.
Categories:
101
FYI
Tags: account takeoverad floodingATObriefingcyberbullyingcybersecuritygroomingmalvertisingmalware in gamesonline gamingphishingPUP in gamesresponsible digital citizenrisks to online gamerssecurity 101stalkingsurvey scamsswattingtrollingvideo games
(Read more...)
|
|||
|
2019-04-02 15:00:00 | The global data privacy roadmap: a question of risk (lien direct) |
For any American company taking steps outside the US market, global data privacy compliance is a question of risk versus reward.
Categories:
Privacy
Tags: AfricaamazonArgentinaasiaBahrainBrazilchinaCNILData privacydata privacy lawsdata protection authorityEuropeEuropean UniongdprGeneral Data Protection Regulationglobal data privacyGooglemicrosoftMiddle EastNational Data Protection CommissionPersonal Information Protection ActQatarsingaporeSouth Koreawhitelist
(Read more...)
|
|||
|
2019-04-01 15:00:00 | Compromising vital infrastructure: water management (lien direct) |
Water management is an essential part of our infrastructure. Loss of it can lead to service outages, diseases, and famine. So the cybersecurity should be top notch.
Categories:
Business
Security world
Tags: awwabyodcity of atlantacrashoverrideemotetinsider threatsransomwarescadastuxnetvital infrastructurewater managementwater plants
(Read more...)
|
Guideline | ||
|
2019-04-01 08:24:01 | A week in security (March 25 – 31) (lien direct) |
A roundup of news stories from March 25 - 31, including phishing, hacking, Government studies, mobile dangers on official stores and more.
Categories:
Security world
Week in security
Tags: adwarehackingmalwareMobilephishingroundupweek in security
(Read more...)
|
|||
|
2019-03-29 15:00:00 | Awakening the beast: BatMobi adware (lien direct) |
BatMobi is an Advertisement Software Developer Kit (Ad SDK) that was once clean and safe to use, but suddenly began serving adware in January. Learn more about this elusive threat, including how to clean it off pre-installed apps on mobile devices.
Categories:
Cybercrime
Mobile
Tags: adwareAndroidBatMobiMobilemobile adwarewebsite redirects
(Read more...)
|
|||
|
2019-03-28 15:00:00 | US Congress proposes comprehensive federal data privacy legislation-finally (lien direct) |
The United States might be the only country of its size to lack a comprehensive data privacy law protecting its citizens' online lives. That could change this year.
Categories:
Privacy
Tags: Amy KlobucharBrian SchatzCalifornia Consumer Privacy ActCDTCenter for Democracy and Technologycomprehensive data privacy lawcomprehensive data privacy legislationConsumer Data Protection Actdata brokerData Care ActData Dissemination ActData privacydata privacy lawdata privacy lawsdata privacy legislationfederal legislationgdprGeneral Data Protection RegulationKlobucharMarco RubioprivacyRon WydenRubioSchatzSenatorstatewide legislationWyden
(Read more...)
|
|||
|
2019-03-27 16:00:00 | Location data leaks from family tracking app database (lien direct) |
An app called Family Locator exposed the personal information and locations of 280,000 users in real time, including children. How did this happen? And how can app developers avoid it in the future?
Categories:
Cybercrime
Privacy
Tags: databaseexposedfamilylocationMongoDB
(Read more...)
|
|||
|
2019-03-27 15:00:00 | Facebook\'s plain text misstep, and other password sins (lien direct) | Read more...) | |||
|
2019-03-26 15:00:00 | Plugin vulnerabilities exploited in traffic monetization schemes (lien direct) |
The latest round of vulnerable WordPress plugins leads to an active traffic monetization campaign via hacked websites.
Categories:
Criminals
Threat analysis
Tags: ad fraudEasy WP STMPhackedmalvertisingpluginsscamsskimmerSocial WarfaretrafficWordPress GDPR
(Read more...)
|
Guideline | ||
|
2019-03-25 15:46:03 | A week in security (March 18 – 24) (lien direct) |
A roundup of cybersecurity news from March 18–24, including Facebook's privacy pivot, password reuse, new research on hospital phishing attacks, infected iPhone apps, and more.
Categories:
Security world
Week in security
Tags: bandersnatchbec. cdc spamBusiness Email Compromisecenter for disease control and preventioncybersecurityeducationepic gamesfacebookformjackinggandcrabgoogle photosiPhonekiddlelearn4lifemalicious appnetflixnetwork securityPassword reusephishingprivacysecurity fatiguesteamvulnerabilities
(Read more...)
|
|||
|
2019-03-22 15:00:00 | Researchers go hunting for Netflix\'s Bandersnatch (lien direct) | ||||
|
2019-03-21 15:00:00 | Are hackers gonna hack anymore? Not if we keep reusing passwords (lien direct) |
A look at the not-so-hacking hacker techniques attackers are using to compromise user accounts via weak passwords and gain access to enterprise networks.
Categories:
Cybercrime
Hacking
Tags: brute forcecredential stuffingenterpriseenterpriseshackershackingpassword managerspassword sprayingreusing passwordsweak passwords
(Read more...)
|
Hack | ||
|
2019-03-20 15:00:00 | Facebook\'s history betrays its privacy pivot (lien direct) | ||||
|
2019-03-19 15:00:00 | New research finds hospitals are easy targets for phishing attacks (lien direct) |
New research from Brigham and Women's Hospital in Boston finds hospital employees are extremely vulnerable to phishing attacks. The study highlights just how effective phishing remains as a tactic, and why awareness of email scams is more critical than ever.
Categories:
101
Business
Tags: anti-phishinghealthcarehealthcare cybersecurityhospital securityhospitalsphishing
(Read more...)
|
|||
|
2019-03-18 14:57:01 | A week in security (March 11 – 17) (lien direct) |
A roundup of security news from March 11–17 covering our most recent blogs and other news, including Lazarus Group, Emotet, PSD2, reputation management, Google's Nest, and Firefox Send.
Categories:
Security world
Week in security
Tags: Apex LegendsChinese DNAemotetfacebookFacebook outageFirefox SendGoogle NestGoogle PlayLazarus Groupnetflixpsd2Spotify
(Read more...)
|
Medical | APT 38 | |
|
2019-03-14 17:37:05 | Mozilla launches Firefox Send for private file sharing (lien direct) |
Mozilla recently launched Firefox Send, a new, secure way to share files from inside your browser. We discuss the pros and cons of this service.
Categories:
Cybercrime
Privacy
Tags: firefoxprivatesecuresendsharing
(Read more...)
|
|||
|
2019-03-14 16:15:05 | Reputation management in the age of cyberattacks against businesses (lien direct) |
A business's reputation takes years to build. With the current climate of data breaches, unsurprisingly, destroying it could only take seconds. What can businesses do to protect their brands from a fallout following a cybersecurity incident? In this post, we answer these questions and more.
Categories:
101
Business
FYI
Tags: brmbusiness reputation managementchief marketing officercmoglobal economic crime and fraud surveyhome depotIncident Responsepersonally identifiable informationPIIprivacyreputation managementsecurity breach notification lawsSocial EngineeringWetherspoon
(Read more...)
|
|||
|
2019-03-14 15:00:00 | Emotet revisited: pervasive threat still a danger to businesses (lien direct) |
Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.
Categories:
Cybercrime
Malware
Tags: banking TrojanbotnetemotetEternalBlueinformation stealerRyuk ransomwareSMB vulnerabilitiestrickbottrojan
(Read more...)
|
Malware Threat | ||
|
2019-03-13 16:30:02 | Google\'s Nest fiasco harms user trust and invades their privacy (lien direct) | Read more...) | |||
|
2019-03-13 15:00:00 | Explained: Payment Service Directive 2 (PSD2) (lien direct) |
PSD2 is coming to the EU. What is it? How will it be used? What are the implications? Many questions and some answers and recommendations.
Categories:
Privacy
Security world
Tags: aispbankingcryptocurrencyEuropean UnionfacebookgdprGoogleinformationPSDpsd2
(Read more...)
|
|||
|
2019-03-12 16:27:00 | The Advanced Persistent Threat files: Lazarus Group (lien direct) |
Lazarus Group, the threat actors likely behind the Sony breach and WannaCry outbreak, are in the news again. Here's what you need to know about this North Korean organization, and what you should do to protect against such nation-state attacks.
Categories:
Criminals
Threat analysis
Tags: APTLazarusNorth Korea
(Read more...)
|
Threat Medical | Wannacry APT 38 | |
|
2019-03-11 15:47:02 | A week in security (March 4 – 11) (lien direct) |
A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs' data privacy report, news from RSA, and more.
Categories:
Security world
Week in security
Tags: AppleBaby BoomerBaby Boomerschromedata privacy lawsdev-fuseGen ZedGoogle ChromeiPhonemachine learningMillennialMillennialsNational Security AgencyNSAransom.troldeshransomwareRSARSA ConferenceshadestudysurveillancesurveyTim AppleTim CookTroldeshTroldesh ransomwareultrasoundultrasound scanningUS data privacy lawsVerizonvulnerabilityweek in securityzero dayzombie email
(Read more...)
|
|||
|
2019-03-08 19:13:01 | Google Chrome zero-day: Now is the time to update and restart your browser (lien direct) |
A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google's auto update feature, users will need to close and restart their browser in order to be protected.
Categories:
Exploits
Tags: 0daychromeexploitexploitsGooglevulnerabilityzero day
(Read more...)
|
|||
|
2019-03-08 16:00:00 | Zombie email rises from grave after eight years of radio silence (lien direct) |
What do you do when an email account you assumed was long gone comes back to life after eight years?
Categories:
Cybercrime
Privacy
Tags: accountemailemail accountISPISPspasswordstalk talkzombie email
(Read more...)
|
|||
|
2019-03-07 16:00:00 | The not-so-definitive guide to cybersecurity and data privacy laws (lien direct) |
In the first blog for Malwarebytes Labs' cybersecurity and data privacy law series, we tackle US data privacy compliance from a startup's perspective. GDPR, COPPA, HIPAA-it's all here.
Categories:
Privacy
Security world
Tags: California Online Privacy ProtectionCalifornia Online Privacy Protection ActChildrens Online Privacy Protect ActCOPPAcybersecuritycybersecurity compliancecybersecurity lawsdata breachdata breach notificationdata breach notification lawData privacydata privacy compliancedata privacy lawsDo Not TrackEUEuropean UniongdprGeneral Data Protection RegulationGoogleHealth Insurance Portability and AccessibilityHIPAAlegalprivacyprivacy policystartup
(Read more...)
|
|||
|
2019-03-06 16:00:00 | Spotlight on Troldesh ransomware, aka \'Shade\' (lien direct) |
Troldesh is ransomware that relies heavily on user interaction. Nevertheless, a recent spike in detections shows it's been successful against businesses in the first few months of 2019.
Categories:
Malware
Threat analysis
Tags: decryptordecryptorsransom.troldeshransomwareransomware remediationshadethreat spotlightTroldesh
(Read more...)
|
Ransomware | ||
|
2019-03-05 13:00:00 | Labs survey finds privacy concerns, distrust of social media rampant with all age groups (lien direct) |
Our survey and accompanying report find that, no matter their age, users have deep concerns about the privacy of their data online and take significant steps to secure it. Learn how public distrust in corporations' ability to protect and use data in ethically responsible ways has shaped their behavior online.
Categories:
Privacy
Security world
Tags: cambridge analyticaData privacyfacebookfacebook-cambridge Analytica scandalgdprgeneral data privacy regulationsprivacysearch enginessocial mediasocial media distrust
(Read more...)
|
|||
|
2019-03-04 18:03:03 | A week in security (February 25 – March 3) (lien direct) |
A roundup of the past week's news, including mobile threats, viral scares, PDF tracking, and more.
Categories:
Security world
Week in security
Tags: exploitsGPUmomoPDFtrackingtwitter
(Read more...)
|
|||
|
2019-03-01 16:43:03 | Spectre, Google, and the Universal Read Gadget (lien direct) |
A recently released paper by Google has resurrected the spirit of Spectre, a seemingly never-ending threat to most makes of processor. We take a look at what this means, and what the Universal Read Gadget means for most technology users.
Categories:
Cybercrime
Hacking
Tags: CPUexploitGoogleMeltdownmeltdown and spectreSpectreuniversal read gadgetvulnerability
(Read more...)
|
Threat | ||
|
2019-02-28 16:00:00 | Key considerations for building vs. buying identity access management solutions (lien direct) |
Having a strong identity and access management solution is critical to the security of your organization. It ensures that the right people have access to your system-and keeps unauthorized users out. Should businesses build these solutions in-house or look to third-party vendors to fill the gap? Here are the factors to consider.
Categories:
101
Business
Tags: access managementaccess management solutionsdevelopment teamsengineeringiamidentity access managementrisk mitigationthird party
(Read more...)
|
|||
|
2019-02-27 17:04:02 | Will pay-for-privacy be the new normal? (lien direct) |
As the US considers new data privacy laws, at least two new proposals include calls to exchange money for privacy-an unwelcome bargain for users. Before pay-for-privacy becomes law, privacy as a right should become industry practice.
Categories:
Privacy
Tags: Amy KlobucharBrian SchatzCaliforniaCalifornia Consumer Privacy ActConsumer Data Protection ActConsumer Privacy ActCredoCredo MobileDuckDuckGoduty to carefacebookFederal Trade CommissionFloridagdprGoogleHawaiihuman rightMarco RubioMinnesotaoregonpay-for-privacyprivacyprotonmailRon Wydentargeted adstargeted advertisingtwitter
(Read more...)
|
|||
|
2019-02-26 16:00:00 | New Golang brute forcer discovered amid rise in e-commerce attacks (lien direct) |
E-commerce sites are a hot commodity these days. We dig into how compromised PCs are helping to hack into them to inject skimmers, whether via vulnerabilities in the websites themselves or through a new malware we discovered gaining entry via brute force.
Categories:
Threat analysis
Tags: BotbotnetbruteforceGolanggoogletagmanagerMagecartmagentoskimmer
(Read more...)
|
Malware Hack | ||
|
2019-02-26 13:00:00 | What K–12 schools need to shore up cybersecurity (lien direct) |
We discuss the challenges facing K–12 schools looking to protect students' data, and which solutions they can adopt in order to build up defenses and increase cybersecurity awareness.
Categories:
101
Business
Tags: cybersecurity educationeducationK–12k–12 schoolsphishingphishing attacksprivate schoolspublic schoolsransomwareschools
(Read more...)
|
|||
|
2019-02-25 16:52:02 | A week in security (February 18 – 24) (lien direct) |
A roundup of security news from February 18–24 covering our most recent blogs and happenings in the world of infosec, including ATM hacking, Facebook location settings, spear phishing, and more.
Categories:
Security world
Week in security
Tags: AndroidatmbabysharkexploitfacebookwinRAR
(Read more...)
|
|||
|
2019-02-25 16:00:00 | Max Schrems: lawyer, regulator, international man of privacy (lien direct) |
Almost 10 years ago, privacy advocate Max Schrems and the European Union began separate efforts to change the way the world thinks about online privacy. Thanks to them, we now have GDPR.
Categories:
Privacy
Security world
Tags: AustriaBraveCalifornia Consumer Privacy ActCNILcomplianceCourt of Justice for the European UnionData Protection DirectiveDPCEdward SnowdenEurope v. FacebookEuropean Charter of Fundamental Human RightsEuropean CommissionfacebookgdprGDPR fineGDPR penaltyGDPR violationGeneral Data Protection RegulationGoogleInformation Commissioner's OfficeirelandIrish Data Protection CommissionerMark Zuckerbergmass surveillanceMaximilian SchremsNone of Your BusinessnoybNSAPRISMPrivacy InternationalSafe HarborSafe Harbor Privacy PrinciplesSanta Clara University School of Law |
|||
|
2019-02-22 17:59:01 | The Advanced Persistent Threat Files: APT1 (lien direct) |
Next up in the Advanced Persistent Threat Files: APT1, a unit of the People's Liberation Army of China known for wide-scale and high-volume data collection on mostly English-speaking companies.
Categories:
Criminals
Threat analysis
Tags: advanced persistent threatsAPT groupsAPT1chinaChinese malwaremimikatz
(Read more...)
|
Threat | ||
|
2019-02-21 17:00:00 | The lazy person\'s guide to cybersecurity: minimum effort for maximum protection (lien direct) | ||||
|
2019-02-21 16:00:00 | How does macOS protect against malware? (lien direct) |
Mac users often are told that “Macs don’t get viruses.” This is not really true, of course. Macs can and do get infected. However, it is true that macOS provides some basic protection against malware. This protection can be quite effective in some ways, but, unfortunately, quite ineffective in others. Let’s take a look at...
Categories:
101
Mac
Tags: gatekeepermacmacOSmalware removal toolMalwarebytes for MacMRTquarantineSIPTCCXProtect
(Read more...)
|
|||
|
2019-02-20 19:21:04 | Sophisticated phishing: a roundup of noteworthy campaigns (lien direct) |
A phishing page that hides behind a translation service. A kit that uses fake font files. A hyper-realistic campaign that could likely fool even the pros. We look at these noteworthy phishing attempts and more to show how far phishers have evolved, and remind users to remain vigilant against this threat.
Categories:
Cybercrime
Social engineering
Tags: font file phishinggoogle translate phishingphishingphishing kitphishing template
(Read more...)
|
|||
|
2019-02-20 16:00:00 | Good bots, bad bots: friend or foe? (lien direct) |
Bots are an endless source of debate online, but all we ever hear about are the bad ones. In this post, we look at some examples you've probably already run into, and explain why one person's good bot is another organization's bad one.
Categories:
101
Business
Tags: ad fraudAIbad botsbidding botbotschat botsmindless botssnipers
(Read more...)
|
|||
|
2019-02-18 16:30:02 | A week in security (February 11 – 17) (lien direct) |
A roundup of security news from February 11-17 covering sextortion, Facebook phishing, Emotet, exploit kits, whole team security, anti-phishing plan, and lots more.
Categories:
Security world
Week in security
Tags: anti-phishing-planbank of valettaemotetexploit kitssextortionsgxVFEmailwhole team securitywordpress plugin
(Read more...)
|
To see everything:
Our RSS (filtrered)
